Adding/Removing rules in iptables

I have been fascinated by IT security and firewalls. I was able to get some hands-on exposure to firewall scripting, if you like, during the Master's that I just completed. To rekindle my love for this, I went back to my Ubuntu virtual machine and thought, let's try two simple tasks to do with iptables: adding and removing a basic rule.

So, in Terminal, I type in:

iptables -A INPUT -s 192.168.0.6 -j DROP

This will drop all packets from the IP address after -s (for source IP). The IP here is my iPhone’s IP address. I use the Fing app on the iPhone to ping my machine after the iptables rule is activated, and the packets are dropped; this is evident from the app returning the ‘unreachable’ message.

Now, to make the machine accept connections or packets from this IP address, all I have to do is delete this rule from the table. For this, I just change one character in the line, as below. I will leave it to you to spot it and ponder the ‘why-hows’.

iptables -D INPUT -s 192.168.0.6 -j DROP

Now, I tried the ping from the same app on the iPhone and the machine was accepting connections.
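The add/delete pair above, wrapped as an added example that is not part of the original post: running -A twice leaves two copies of the rule, and -D removes only one copy per call, so these helpers check with iptables -C first. The function names and the IPT variable are assumptions made for this example.

```shell
# Added example, not from the original post. IPT is an assumed override
# point for the command, e.g. IPT="sudo iptables".
IPT="${IPT:-iptables}"

# Accept only a dotted-quad IPv4 address so nothing else reaches the command.
valid_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1            # split the validated address into its four octets
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Append the DROP rule only if an identical one is not already in INPUT.
block_source() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 2; }
    if $IPT -C INPUT -s "$1" -j DROP 2>/dev/null; then
        return 0         # already present; -A would add a duplicate
    fi
    $IPT -A INPUT -s "$1" -j DROP
}

# -D removes one matching rule per call, so repeat until -C finds none.
unblock_source() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 2; }
    while $IPT -C INPUT -s "$1" -j DROP 2>/dev/null; do
        $IPT -D INPUT -s "$1" -j DROP || return 1
    done
}

# Exit status 0 when the DROP rule for this source is currently loaded.
is_blocked() {
    $IPT -C INPUT -s "$1" -j DROP 2>/dev/null
}
```

After sourcing the file as root, `block_source 192.168.0.6` and `unblock_source 192.168.0.6` reproduce the two steps above, and `iptables -L INPUT -n --line-numbers` shows the resulting chain.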


While this is just a basic task, I would advise anyone interested in this area to explore and experiment more with iptables; it's truly interesting!
